From owner-freebsd-security Mon Feb 17 15:44:41 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id PAA24916 for security-outgoing; Mon, 17 Feb 1997 15:44:41 -0800 (PST) Received: from cold.org (cold.org [206.81.134.103]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA24910 for ; Mon, 17 Feb 1997 15:44:36 -0800 (PST) Received: from localhost (brandon@localhost) by cold.org (8.8.5/8.8.3) with SMTP id QAA13620 for ; Mon, 17 Feb 1997 16:44:49 -0700 (MST) Date: Mon, 17 Feb 1997 16:44:49 -0700 (MST) From: Brandon Gillespie To: security@freebsd.org Subject: Re: blowfish passwords in FreeBSD In-Reply-To: <199702172225.XAA21874@ocean.campus.luth.se> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > That would be GREAT! If nothing else, when you choose DES, just pop up a > requester and say "Are you within the USA? (Yes/No/Cancel)" and default > it to cancel. I for one haven't bothered to install DES because it seems > too much of a hassle. If you could just say "No, I'm not from the USA" and > have sysinstall try a few Non-US sites and get the DES if you tried to > install from a site called .edu/.us or .org/.com known to be US, or so. > I dunno. Something at least. Something the user basically just have to say > "No, I'm not from the USA" to, and it would do the rest. Period. > Jordan? :-) I think also that people should be more educated on why they should want DES. I personally picked DES initially because it was something I recognized, and I had no idea what FreeBSD did without it (I didn't realize MD5 was just used instead--and soon SHA-1). Perhaps explaining that the ONLY REASON you would really even want DES is when either using network services that assumes it, with other boxes (i.e. yp) or when upgrading an old DES based box. SHA-1 is much MUCH better. -Brandon Gillespie